<?php

$debug = FALSE;

/************************************************************
   Adjust the headers...
************************************************************/
	header("Expires: Thu, 17 May 2001 10:17:17 GMT");    // Date in the past
  	header ("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); // always modified
	header ("Cache-Control: no-cache, must-revalidate");  // HTTP/1.1
	header ("Pragma: no-cache");                          // HTTP/1.0

/*****************************************************************************
   Check the session details.
   we will store all the post variables in session variables
   this will make it easier to work with the verification routines
*****************************************************************************/
	


	if (!isset($_SESSION['SESSION'])) require_once( "session_init.php" );

	$arVal = array();
	require_once("session_funcs1.php");
		
	reset ($_POST);
	while (list ($key, $val) = each ($_POST)) {
		if ($val == "") $val = "NULL";
		$arVals[$key] = (get_magic_quotes_gpc()) ? $val : addslashes($val);
		if ($val == "NULL")
			$_SESSION[$key] = NULL;
		else
			$_SESSION[$key] = $val;
		if ($key != "gender" && $key != "password") $arVals[$key] = "'".$arVals[$key]."'";
		if ($debug) echo $key . " : " . $arVals[$key] . "<br>";
	}

/**********************************************************************************************
   Make sure session variables have been set and then check for required fields
   otherwise return to the registration form to fix the errors.
**********************************************************************************************/

	// check to see if these variables have been set...
	if ((!isset($_SESSION["fname"])) || (!isset($_SESSION["lname"])) || (!isset($_SESSION["email1"])) ||  (!isset($_SESSION["RecoveryPhoneNumber"]))   || (!isset($_SESSION["idnumber"]))) {
		 resendToForm("?flg=red");
	}
		// form variables must have something in them...
	if ($_SESSION['fname'] == "" || $_SESSION['lname'] == "" || $_SESSION['email1'] == "" || $_SESSION['RecoveryPhoneNumber'] == ""  || $_SESSION['city'] == "" || $_SESSION['gender'] == "") {
		resendToForm("?flg=red");
	}
	
	// make sure fields are within the proper range...
	if (strlen($_SESSION['fname']) > 35  || strlen($_SESSION['lname']) > 35 || strlen($_SESSION['RecoveryPhoneNumber']) > 30 || strlen($_SESSION['password']) > 30) {
		resendToForm("?flg=white");
	}
	
		
/**********************************************************************************************
  Check the DB for records...
**********************************************************************************************/

/// check for the email already in the database...
$server	    = 'localhost';
$username	= 'root';
$password	= '';
$database	= 'tinkenawo_users';
$connect=mysql_connect($server, $username, $password);
 if(!$connect){
 exit('Error: can not connect to the server'); 
 };
$select=mysql_select_db($database);
if(!$select){
 exit('Error: can not select the database'); 
 }else{
 	$email=$_POST['email1'];
	$query = "SELECT COUNT(`user_email`) FROM `temp_users` WHERE `user_email` ='$email' ";
	if ($debug) echo "<br>SQL STATEMENT:<br>".$query."<br><br>";   
	 $result = mysql_query($query) or die("Invalid query (login): " . mysql_error());
	 $row = mysql_fetch_row($result);
	 
	 
	if ($row[0] > 0) {  // an email aleady exists in the database, because the row count > 0...
		resendToForm("?flg=yellow");
	}	
 }
	/* WHEN YOU INSERT USE MD5 for Passwords!!!! */
	$password1 = $_POST['password'];
	$arVals['password'] = "'".md5(md5($arVals['password']))."'";
	$code=md5(rand());
/**********************************************************************************************
  Insert into the database...
**********************************************************************************************/
$server	    = 'localhost';
$username	= 'root';
$password	= '';
$database	= 'tinkenawo_users';
$connect=mysql_connect($server, $username, $password);
 if(!$connect){
 exit('Error: can not connect to the server'); 
 }
$select=mysql_select_db($database);
	$query1 = "INSERT INTO `temp_users` (`user_fname`, `user_lname`, `user_pass`, `user_email`, `user_gender`,  `user_dateofreg`, `user_name`, `user_type`, `user_phonenum`, `user_dst`, `user_code`, `id_type`, `id_num`, `user_title`) "
		."VALUES (".$arVals['fname'].", ".$arVals['lname'].", ".$arVals['password'].",  '$email', ".$arVals['gender'].", NOW(), ".$arVals['username'].",'0', ".$arVals['RecoveryPhoneNumber'].", ".$arVals['city'].",'$code' , ".$arVals['id'].", ".$arVals['idnumber'].", ".$arVals['title'].")";

	//echo $query;

	$result = mysql_query($query1) or die("Invalid query: " . mysql_error() . "<br><br>". $query1);
	$insertid = mysql_query("SELECT `user_id` FROM `temp_users` WHERE `user_email`='$email'");
	header("Location:welcome.php?id=".$insertid."&p=".urlencode($password1));	
	/*SendMail($insertid, $password);	
	function SendMail($userid, $password) {
			// Construct the message....
			$mail = "Hello ".$_SESSION['fname'].",\n\nThank your for your email.\nWe look forward to your evaluation of our product.\n\n";
			$mail .= "Here is your userid: ".$userid."\n\n";
			$mail .= "Here is your password: ".$password."\n\n";
			$mail .= "Name: ".$_SESSION['fname']." ".$_SESSION['lname']."\n";
			$mail .= "Email Address: ".$_SESSION['email1']."\n";
			$mail .= "Phone: ".$_SESSION['RecoveryPhoneNumber']."\n\n";
			$mail .= "Best Regards,\nCustomer Service\n\n";
			
			// If any lines are larger than 70 characters, we will use wordwrap()
			$message = wordwrap($mail, 70);
			
			// Send the email...
			mail($_SESSION[''], 'Welcome to Our Site', $message, "From: Tinkenawo.com\r\n");
			
			$mail = str_replace("\n", "<br>", $mail);		
			echo "<b>The following mail was sent:</b><br>".$mail;
			
		}	*/

	/*** This following function will update session variables and resend to the form so the user can fix errors ***/

	function resendToForm($flags) {
			reset ($_POST);
			// store variables in session...
			while (list ($key, $val) = each ($_POST)) {
				$_SESSION[$key] = $val;
			}	
			// go back to the form...
			//echo $flags;
			header("Location: SIGNUP.PHP".$flags);
			exit;
	}
		//reset ($arVals);
/*	while (list ($key, $val) = each ($arVals)) {
		echo $key . " : " . $arVals[$key] . "<br>";
	}
	
	echo "<br><br>The SQL Statement was:<br>";
	echo $query1."<br><br><br><br>";*/
				
?>


